Chapter 2 Understanding Identity and Access Management Flashcards
___________ occurs when users claim (or profess) their identity with identifiers such as usernames or email addresses.
Identification
Users then prove their identity with _________, such as with a password.
Authentication
True or False : You can’t have any type of access control if you can’t identify a user.
True
True or False : Authentication, authorization, and accounting (AAA) work together with identification to provide a comprehensive access management system.
True
Users are granted __________ to access resources based on their proven identity.
Authorization
___________ methods track user activity and record the activity in logs.
Accounting
An _____ ____ allows security professionals to re-create the events that preceded a security incident.
Audit trail
True or False : A use case of supporting authentication may require administrators to implement one factor of authentication for basic authentication, two factors for more secure authentication, or more factors for higher security.
True
List factors for authentication
- Something you know - PIN, password
- Something you have - CAC, Smart card
- Something you are - Biometric - fingerprint, retina, face
- Something you are, such as your location
- Something you do - pattern swipe, gestures
The ________ __ _____ authentication factor typically refers to a shared secret, such as a password or even a PIN.
Something you know
What is the least secure form of authentication?
Something you know
True or False : A strong password is of sufficient length, doesn’t include words found in a dictionary or any part of a user’s name, and combines at least three of the four following character types:
• Uppercase characters (26 letters A–Z)
• Lowercase characters (26 letters a–z)
• Numbers (10 numbers 0–9)
• Special characters (32 printable characters, such as !, $, and *)
True
What does MS recommend for minimum password length as of 2016?
14 characters
True or False : The combination of different characters in a password makes up the key space, and you can calculate the key space with the following formula: C^N. C is the number of possible characters used, and N is the length of the password.
True
True or False : An attacker can crack a 10-character password using only lowercase characters (141 trillion possibilities) in less than two hours.
True
Why do security experts say that overly complex passwords are less secure?
Because they are more difficult to remember, and users will likely write them down or store them in an insecure file.
True or False : Complex passwords use a mix of character types. Strong passwords use a mix of character types and have a minimum password length of at least 14 characters.
True
True or False : It’s not important for an organization to provide adequate training to users on password security. (Page 172).
False. It is important.
True or False : Users should change their passwords regularly, such as every 45 or 90 days.
True
True or False : Before resetting passwords for users, it’s important to verify the user’s identity. When resetting passwords manually, it’s best to create a temporary password that expires upon first use.
True
A _______ _______ system remembers past passwords and prevents users from reusing passwords.
Password history
True or False : It’s common for password policy settings to remember the last 24 passwords and prevent users from reusing these until they’ve used 24 new passwords.
True
_____ ______ allows an administrator to configure a setting once in a ______ ______ ______ and apply this setting to many users and computers within the domain.
Group Policy, Group Policy Object (GPO)
True or False : Group Policy is implemented on a domain controller within a domain. Administrators use it to create password policies, implement security settings, configure host-based firewalls, and much more.
True